GB2536326B - Process plant network with secured external access - Google Patents

Process plant network with secured external access Download PDF

Info

Publication number
GB2536326B
GB2536326B GB1520098.3A GB201520098A GB2536326B GB 2536326 B GB2536326 B GB 2536326B GB 201520098 A GB201520098 A GB 201520098A GB 2536326 B GB2536326 B GB 2536326B
Authority
GB
United Kingdom
Prior art keywords
process plant
external access
plant network
secured external
secured
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
GB1520098.3A
Other languages
English (en)
Other versions
GB2536326A (en
GB201520098D0 (en
Inventor
A Neitzel Lee
Halver Ussing Dan
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fisher Rosemount Systems Inc
Original Assignee
Fisher Rosemount Systems Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fisher Rosemount Systems Inc filed Critical Fisher Rosemount Systems Inc
Publication of GB201520098D0 publication Critical patent/GB201520098D0/en
Publication of GB2536326A publication Critical patent/GB2536326A/en
Application granted granted Critical
Publication of GB2536326B publication Critical patent/GB2536326B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/418Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
    • G05B19/4185Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by the network communication
    • G05B19/41855Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by the network communication by local area network [LAN], network structure
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/55Push-based network services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B15/00Systems controlled by a computer
    • G05B15/02Systems controlled by a computer electric
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/418Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
    • G05B19/4184Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by fault tolerance, reliability of production system
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/418Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM]
    • G05B19/4185Total factory control, i.e. centrally controlling a plurality of machines, e.g. direct or distributed numerical control [DNC], flexible manufacturing systems [FMS], integrated manufacturing systems [IMS] or computer integrated manufacturing [CIM] characterised by the network communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4604LAN interconnection over a backbone network, e.g. Internet, Frame Relay
    • H04L12/462LAN interconnection over a bridge based backbone
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/66Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Manufacturing & Machinery (AREA)
  • Testing And Monitoring For Control Systems (AREA)
  • Programmable Controllers (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)
GB1520098.3A 2014-11-21 2015-11-13 Process plant network with secured external access Active GB2536326B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US14/549,909 US11073805B2 (en) 2014-11-21 2014-11-21 Process plant network with secured external access

Publications (3)

Publication Number Publication Date
GB201520098D0 GB201520098D0 (en) 2015-12-30
GB2536326A GB2536326A (en) 2016-09-14
GB2536326B true GB2536326B (en) 2021-11-03

Family

ID=55132789

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1520098.3A Active GB2536326B (en) 2014-11-21 2015-11-13 Process plant network with secured external access

Country Status (5)

Country Link
US (1) US11073805B2 (enrdf_load_stackoverflow)
JP (1) JP6806437B2 (enrdf_load_stackoverflow)
CN (1) CN105629924B (enrdf_load_stackoverflow)
DE (1) DE102015120129A1 (enrdf_load_stackoverflow)
GB (1) GB2536326B (enrdf_load_stackoverflow)

Families Citing this family (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5850015B2 (ja) * 2013-09-17 2016-02-03 横河電機株式会社 アンテナモジュール及び無線機器
US10462261B2 (en) * 2015-06-24 2019-10-29 Yokogawa Electric Corporation System and method for configuring a data access system
US10599134B2 (en) * 2016-07-22 2020-03-24 Fisher-Rosemount Systems, Inc. Portable field maintenance tool configured for multiple process control communication protocols
GB2555720B (en) * 2016-10-17 2023-04-12 Fisher Rosemount Systems Inc Systems and apparatus for distribution of process control data to remote devices
US10539936B2 (en) 2016-10-17 2020-01-21 Fisher-Rosemount Systems, Inc. Methods and apparatus for configuring remote access of process control data
US10619760B2 (en) 2016-10-24 2020-04-14 Fisher Controls International Llc Time-series analytics for control valve health assessment
US10530748B2 (en) * 2016-10-24 2020-01-07 Fisher-Rosemount Systems, Inc. Publishing data across a data diode for secured process control communications
US9934671B1 (en) 2016-10-24 2018-04-03 Fisher Controls International Llc Valve service detection through data analysis
US10877465B2 (en) 2016-10-24 2020-12-29 Fisher-Rosemount Systems, Inc. Process device condition and performance monitoring
US10270745B2 (en) * 2016-10-24 2019-04-23 Fisher-Rosemount Systems, Inc. Securely transporting data across a data diode for secured process control communications
US10257163B2 (en) 2016-10-24 2019-04-09 Fisher-Rosemount Systems, Inc. Secured process control communications
JP6772899B2 (ja) * 2017-03-06 2020-10-21 横河電機株式会社 管理装置、中継装置、フィールド無線システム、設定方法、プログラム及び記録媒体
US11323519B2 (en) * 2017-04-19 2022-05-03 Microsoft Technology Licensing, Llc Internet of things pub-sub data publisher
US11196711B2 (en) * 2017-07-21 2021-12-07 Fisher-Rosemount Systems, Inc. Firewall for encrypted traffic in a process control system
CN108848067B (zh) * 2018-05-28 2021-05-25 北京威努特技术有限公司 智能学习并预置只读白名单规则的opc协议安全防护方法
EP3702920A1 (en) * 2019-03-01 2020-09-02 ABB Schweiz AG Heterogeneous execution engines in a network centric process control system
EP3758333B1 (en) * 2019-06-25 2022-09-28 Schneider Electric Industries SAS Method for configuring an industrial automation system
CN110505220B (zh) * 2019-08-12 2022-03-29 北京威努特技术有限公司 支持opc协议实现双机热备的方法、装置以及通信终端
US11768877B2 (en) * 2019-09-20 2023-09-26 Fisher-Rosemount Systems, Inc. Smart search capabilities in a process control system
US11768878B2 (en) * 2019-09-20 2023-09-26 Fisher-Rosemount Systems, Inc. Search results display in a process control system
CN113448289B (zh) * 2020-03-27 2022-11-08 中国石油化工股份有限公司 基于dmz的油气工业互联网数据处理系统
US20210377018A1 (en) * 2020-05-29 2021-12-02 Electric Power Research Institute, Inc. Secure remote access to industrial control systems using hardware based authentication
US20230079418A1 (en) * 2021-09-16 2023-03-16 Rockwell Automation Technologies, Inc. On-chassis backplane intrusion detection system and continuous thread detection enablement platform
EP4462211A1 (en) * 2023-05-10 2024-11-13 Basf Se Process automation system with security interface

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2386531A (en) * 2000-11-29 2003-09-17 Unilogic Inc A collaborative, fault-tolerant, scaleable, flexible, interactive real-time display and processing method and apparatus
GB2423392B (en) * 2003-10-17 2007-04-04 Invensys Sys Inc Methods and system for replicating and securing process control data
US20140165182A1 (en) * 2012-12-06 2014-06-12 Owl Computing Technologies, Inc. System for secure transfer of information from an industrial control system network

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2447963A1 (en) * 2003-10-31 2005-04-30 Ibm Canada Limited - Ibm Canada Limitee System and method for life sciences discovery, design and development
US20070186011A1 (en) * 2006-02-03 2007-08-09 Rockwell Automation Technologies, Inc. Industrial protocol and gateway
FR2901442B1 (fr) 2006-05-17 2008-08-22 Airbus France Sas Methode de transfert de fichier securise
US8266602B2 (en) 2006-05-31 2012-09-11 Honeywell International Inc. Apparatus and method for converting between device description languages in a process control system
US8726020B2 (en) * 2006-05-31 2014-05-13 Microsoft Corporation Updating configuration information to a perimeter network
TR200606833A2 (tr) 2006-12-01 2007-10-22 B�Lmed B�Lg�Sayar Ve Yazilim A.�. Web tarayıcı tabanlı uygulamalarda performans arttırma yöntemi
CN100466556C (zh) 2007-03-30 2009-03-04 华为技术有限公司 一种网络设备管理的方法和系统
US8601124B2 (en) * 2007-06-25 2013-12-03 Microsoft Corporation Secure publishing of data to DMZ using virtual hard drives
US8413227B2 (en) 2007-09-28 2013-04-02 Honeywell International Inc. Apparatus and method supporting wireless access to multiple security layers in an industrial control and automation system or other system
CN101877696B (zh) 2009-04-30 2014-01-08 国际商业机器公司 在网络应用环境下重构错误响应信息的设备和方法
US8155761B2 (en) 2009-07-23 2012-04-10 Fisher-Rosemount Systems, Inc. Process control system with integrated external data sources
GB2474545B (en) 2009-09-24 2015-06-24 Fisher Rosemount Systems Inc Integrated unified threat management for a process control system
CN102148827B (zh) 2011-02-11 2013-12-18 华为数字技术(成都)有限公司 安全事件管理方法、装置及安全管理平台
JP5662360B2 (ja) 2012-02-07 2015-01-28 日本電信電話株式会社 情報通信システム、コミュニティ管理サーバ、ゲートウェイ装置、情報通信方法およびプログラム
US9253054B2 (en) * 2012-08-09 2016-02-02 Rockwell Automation Technologies, Inc. Remote industrial monitoring and analytics using a cloud infrastructure
US9560523B2 (en) * 2013-08-23 2017-01-31 General Electric Company Mobile device authentication

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2386531A (en) * 2000-11-29 2003-09-17 Unilogic Inc A collaborative, fault-tolerant, scaleable, flexible, interactive real-time display and processing method and apparatus
GB2423392B (en) * 2003-10-17 2007-04-04 Invensys Sys Inc Methods and system for replicating and securing process control data
US20140165182A1 (en) * 2012-12-06 2014-06-12 Owl Computing Technologies, Inc. System for secure transfer of information from an industrial control system network

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Honeywell Process Solutions, White Paper, "An overview of Honeywell's secure remote access to process control systems", August 2010 *

Also Published As

Publication number Publication date
JP2016105591A (ja) 2016-06-09
US20160147206A1 (en) 2016-05-26
GB2536326A (en) 2016-09-14
CN105629924B (zh) 2021-05-04
DE102015120129A1 (de) 2016-05-25
CN105629924A (zh) 2016-06-01
US11073805B2 (en) 2021-07-27
GB201520098D0 (en) 2015-12-30
JP6806437B2 (ja) 2021-01-06

Similar Documents

Publication Publication Date Title
GB2536326B (en) Process plant network with secured external access
PT3358941T (pt) Planta modificada
GB201413333D0 (en) Plant inoculation
GB201405800D0 (en) Process
GB201405210D0 (en) Process
GB2533999B (en) Power plant
GB201406890D0 (en) Process
GB201404468D0 (en) Process
PL3040176T3 (pl) Instalacja produkcyjna
GB201402950D0 (en) Process
GB201409126D0 (en) Process
GB201402782D0 (en) Process
GB201400137D0 (en) Process
IL250243A0 (en) Cucumber plant that stays green
GB201501504D0 (en) Nuclear power plant
GB201403057D0 (en) Process
PL3393234T3 (pl) Rośliny restorujące
GB201411623D0 (en) Process
GB201410174D0 (en) Process
GB201405929D0 (en) Process
GB201410202D0 (en) Process
GB201615655D0 (en) Access tower
GB202004939D0 (en) Modified plant
HUP1500575A2 (en) Wind-power plant
GB201510204D0 (en) Hydroelectric plant